MIT Thinks It Can One-Up TOR With New Anonymity Network: Riffle

Tor is the household name in anonymous networks but the system has vulnerabilities, especially when it comes to an attacker finding out who is sending and receiving messages. Researchers at MIT and the École Polytechnique Fédérale de Lausanne think they have found a better way in a system called Riffle. You can dig into the whitepaper but the MIT news article does a great job of providing an overview.

The strength at the core of Tor is the Onion Routing that makes up the last two letters of the network’s name. Riffle keeps that aspect, building upon it in a novel way. The onion analogy has to do with layers of skins — a sending computer encrypts the message multiple times and as it passes through each server, one layer of encryption is removed.

Riffle starts by sending the message to every server in the network. It then uses Mix Networking to route the message to its final destination in an unpredictable way. As long as at least one of the servers in the network is uncompromised, tampering will be discovered when verifying that initial message (or through subsequent authenticated encryption checks as the message passes each server).

The combination of Mix Networking with the message verification is what is novel here. The message was already safe because of the encryption used, but Riffle will also protect the anonymity of the sender and receiver.
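A simplified illustration of the layered encryption, per-server shuffle and authenticated-encryption check described above, added here as an example and not taken from the Riffle paper or its code. It assumes each server's key is already shared with the sender, uses a toy SHA-256 keystream with HMAC as a stand-in for a real AEAD cipher, and does not model the verification of the initial message.

```python
import hashlib, hmac, random, secrets

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from one per-server key (assumed pre-shared).
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy stream cipher: SHA-256 in counter mode. Illustration only, not a vetted cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Add one onion layer (encrypt-then-MAC): nonce || ciphertext || tag."""
    ek, mk = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(ek, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def open_layer(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then strip one layer. Raises ValueError if the blob was altered."""
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: layer was tampered with")
    return bytes(a ^ b for a, b in zip(ct, _keystream(ek, nonce, len(ct))))

def wrap(message: bytes, server_keys: list) -> bytes:
    # The sender applies the last server's layer first, so the first server peels the outermost.
    for key in reversed(server_keys):
        message = seal(key, message)
    return message

def run_chain(batch: list, server_keys: list) -> list:
    # Each server authenticates and peels its layer from every message, then shuffles the batch.
    for key in server_keys:
        batch = [open_layer(key, blob) for blob in batch]
        random.SystemRandom().shuffle(batch)
    return batch

if __name__ == "__main__":
    keys = [secrets.token_bytes(32) for _ in range(3)]   # constructed per-server keys
    msgs = [b"alice: hello", b"bob: hi", b"carol: hey"]  # constructed sample messages
    print(sorted(run_chain([wrap(m, keys) for m in msgs], keys)))
```

A blob altered in transit, or by an earlier server after it has peeled its own layer, fails the tag check at the next honest server instead of being forwarded.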

[via Engadget]

32 thoughts on “MIT Thinks It Can One-Up TOR With New Anonymity Network: Riffle”

    1. by increasing latency via a mixing process at the server where all incoming packets are mixed and then sent out in random order over x period of time.

      this can lead to very high latencies in extreme situations but with enough mix servers it shouldn’t be too bad.

    2. I thought the same. Here it says if at least one is not compromised. Therefore “every server” could be relative. That is, you could have groups of servers. If you only have 3 onions in Tor, you are trading anonymity for latency. With this, if you have 20 servers you have a level of protection against timing attacks, if you have 200 servers, you have more, but higher overheads, and vice versa. So if my understanding is correct, trust within the group of servers becomes important. And of course with all of these, the network effect – getting a lot of people is paramount. Trust and uptake will require a miracle of a trusted organisation and good PR. A US Military department started Tor (kick starting the network effect and with some trust), you would need Tor to either adopt this new measure or publicly support a second network if they believe their current one will eventually become obsolete.

      1. I don’t think there’s anyone who thinks using an “assault rifle” (I assume you mean some form of automatic weapon) for home defense is a good idea. I will, however, cuddle my AR15 as I fall asleep at night. It’s so cute when it’s fast asleep :3

        1. Seriously? I bet I can find 100K people who will call it a good idea in as fast as google can deliver the results.
          Also, it depends on the type of place you call home I guess.

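  1. Make your own mix/router in your vpn-enabled ddwrt router, simply cycle the server name as follows:

    # Rotate the OpenVPN server at random intervals.
    while :
    do
      # Kill the running client (matches every process whose ps line contains "open").
      ps | grep open | awk '{print "kill -9 " $1}' | sh

      # The random source on this line was lost from the original comment;
      # awk's rand() is a stand-in.
      n=$(awk 'BEGIN { srand(); print int(rand() * 32768) }' 2>/dev/null); n=$((n % 12))
      case "$n" in
        0) SERVER="bogus1";;
        # 1) … (the remaining cases and whatever followed them are elided in the original comment)
      esac
      echo tls-auth /tmp/openvpncl/ta.key 1 >> /tmp/openvpncl/openvpn.conf

      # Start the client in the background with the rewritten config.
      openvpn --config /tmp/openvpncl/openvpn.conf --ca /tmp/openvpncl/ca.crt &

      echo "Sleep:$n"
      i=0
      while [ "$i" -le "$n" ]
      do
        echo "TICK: $i/$n"
        sleep 15
        i=$((i + 15))
      done
    done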


  2. God bless America. At least a few groups are still out there trying to protect our rights. Everybody else is so scared to get hurt or get offended that they won’t hardly go out and do anything. Get out there, kick some ass, offend somebody, don’t be afraid to change something; that’s what makes this country great. Good job MIT!!!!

      1. That’s the nature of a free country, bud. You either let everyone be free, and police illegal things after they occur, or you restrict everything and monitor everyone, and become the Fourth Reich. Your choice, but I’ll take the former.

    1. Quite right, we should instead make all walls transparent and install cameras and trackers in everybody’s head (I know they all already carry them everywhere, but in their heads is even better).

      Then we can also finally get rid of people asking for rights and the LGBT deviants and socialist and communist and atheists and people who like cats. Oh and jews of course, and mexicans and negroes and such. And people who question executing civilians from other countries or who complain about torture.

  3. I haven’t read the white paper but…. when they talk about uncompromised servers… smells like… like everywhere, if you have a compromised server, you will have a leak… I don’t know how they invert that to only need one good server… and that fast and scalable thing using multicast… do they mean flooding scalable??

    I have many doubts about it…
